[Shorewall-users] Blocking Audio Galaxy

dgilleece dgilleece@optimumnetworks.com
Thu, 11 Apr 2002 10:57:03 -0500


Given the seriousness of recent events, your company can't afford the
liability of inaction.  They can't appear to condone it, ignore it, or
simply "look the other way."  Millions of dollars are changing hands in
these lawsuits...

Steve is right on the money about establishing the Acceptable Use policy,
and I dont' think there is anything smartassed about redirecting the DNS
lookup to a warning.  Demonstrating an active attempt to prevent the
unauthorized access is a nice thing to have when you hear words like "your
Honor," and "ladies and gentlemen of the jury."

Dan
----- Original Message -----
From: "Cowles, Steve" <Steve@SteveCowles.com>
To: <shorewall-users@shorewall.net>
Sent: Thursday, April 11, 2002 7:33 AM
Subject: RE: [Shorewall-users] Blocking Audio Galaxy


> > -----Original Message-----
> > From: Louie Martinez [mailto:louie@kopykake.com]
> > Sent: Thursday, April 11, 2002 1:56 AM
> > To: shorewall-users@shorewall.net
> > Subject: [Shorewall-users] Blocking Audio Galaxy
> >
> >
> > Has anyone come up with some rules for blocking outgoing
> > connections to  Audio Galaxy? I'd like to implement a no
> > audio galaxy policy in our office and want to enforce it
> > by blocking audio galaxy clients from passing information
> > out through the firewall.
>
> The best "policy" is a written security policy that bans the use of AG at
> the workplace. If violated, it grounds for termination.
>
> > I attempted to locate more information about the protocol
> > they use but wasn't able to find anything.
>
> The AG FAQ addressed what ports the AG client uses.
> http://www.audiogalaxy.com/satellite/info/faq.php?#firewall
>
> There were also some good posts in the AG Message Board regarding this
> topic.
>
http://www.audiogalaxy.com/pages/messageBoard.php?&context=forum&contextID=8
>
> > If anyone has some type of rule set already in place, please
> > share it with me.
>
> I don't, but based on what I read in the FAQ, it looks like you need to
> block outbound FTP requests to the AG servers. Unfortunately, it looks
like
> the AG client can also be configured to use other ports to search for
music
> (web search). Plus, it looks like this product even supports http based
> downloads.
>
> Again, consider writing a security policy that bans the use of AG at the
> workplace. Get your HR department, president, etc... to adopt and sign off
> on your security policy and then publish it.
>
> One final thought -- If you have a sense of humor (or just wanting to be a
> smartass), you could always configure your DNS server to return the IP
> address of your companies web server for the entire audiogalaxy.com name
> space, then display the security policy regarding the use of AG at the
work
> place. :-)
>
> Steve Cowles
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@shorewall.net
> http://www.shorewall.net/mailman/listinfo/shorewall-users
>